summaryrefslogtreecommitdiff
path: root/net/socket/transport_client_socket_pool_unittest.cc
diff options
context:
space:
mode:
authorCronet Mainline Eng <cronet-mainline-eng+copybara@google.com>2024-05-28 13:59:50 +0900
committerMotomu Utsumi <motomuman@google.com>2024-05-28 14:11:54 +0900
commit168f7e285114554eb2ac9bc22343cca461355b50 (patch)
treec65ccc97fb3dc01e329951c1c7c7901aef7b7a2a /net/socket/transport_client_socket_pool_unittest.cc
parent5cfdd35118d5a23349255971e97737e32895ec0f (diff)
downloadcronet-168f7e285114554eb2ac9bc22343cca461355b50.tar.gz
Import Cronet version 122.0.6261.43
FolderOrigin-RevId: /tmp/copybara-origin/src Change-Id: Ifb7b548cde690e10cc102366bc538e744efa902b
Diffstat (limited to 'net/socket/transport_client_socket_pool_unittest.cc')
-rw-r--r--net/socket/transport_client_socket_pool_unittest.cc232
1 files changed, 112 insertions, 120 deletions
diff --git a/net/socket/transport_client_socket_pool_unittest.cc b/net/socket/transport_client_socket_pool_unittest.cc
index 63bc6b999..384695493 100644
--- a/net/socket/transport_client_socket_pool_unittest.cc
+++ b/net/socket/transport_client_socket_pool_unittest.cc
@@ -23,13 +23,13 @@
#include "net/base/load_timing_info.h"
#include "net/base/load_timing_info_test_util.h"
#include "net/base/net_errors.h"
+#include "net/base/network_anonymization_key.h"
#include "net/base/privacy_mode.h"
#include "net/base/proxy_chain.h"
#include "net/base/proxy_server.h"
#include "net/base/proxy_string_util.h"
#include "net/base/schemeful_site.h"
#include "net/base/test_completion_callback.h"
-#include "net/cert/ct_policy_enforcer.h"
#include "net/cert/mock_cert_verifier.h"
#include "net/dns/mock_host_resolver.h"
#include "net/dns/public/secure_dns_policy.h"
@@ -118,7 +118,8 @@ class TransportClientSocketPoolTest : public ::testing::Test,
group_id_(url::SchemeHostPort(url::kHttpScheme, "www.google.com", 80),
PrivacyMode::PRIVACY_MODE_DISABLED,
NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow),
+ SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
params_(ClientSocketPool::SocketParams::CreateForHttpForTesting()),
client_socket_factory_(NetLog::Get()) {
std::unique_ptr<MockCertVerifier> cert_verifier =
@@ -167,7 +168,7 @@ class TransportClientSocketPoolTest : public ::testing::Test,
ClientSocketPool::GroupId group_id(
url::SchemeHostPort(url::kHttpScheme, host_name, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
return test_base_.StartRequestUsingPool(
pool_.get(), group_id, priority,
ClientSocketPool::RespectLimits::ENABLED,
@@ -270,7 +271,7 @@ TEST_F(TransportClientSocketPoolTest, SetSecureDnsPolicy) {
ClientSocketPool::GroupId group_id(
url::SchemeHostPort(url::kHttpScheme, "www.google.com", 80),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- secure_dns_policy);
+ secure_dns_policy, /*disable_cert_network_fetches=*/false);
EXPECT_EQ(
ERR_IO_PENDING,
handle.Init(group_id, params_, absl::nullopt /* proxy_annotation_tag */,
@@ -1063,7 +1064,7 @@ TEST(TransportClientSocketPoolStandaloneTest, DontCleanupOnIPAddressChange) {
const ClientSocketPool::GroupId group_id(
url::SchemeHostPort(url::kHttpScheme, "www.google.com", 80),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
TestCompletionCallback callback;
ClientSocketHandle handle;
int rv =
@@ -1105,15 +1106,15 @@ TEST_F(TransportClientSocketPoolTest, SSLCertError) {
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr);
+ std::move(ssl_config_for_origin));
ClientSocketHandle handle;
TestCompletionCallback callback;
int rv =
handle.Init(ClientSocketPool::GroupId(
kEndpoint, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow),
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
socket_params, absl::nullopt /* proxy_annotation_tag */,
MEDIUM, SocketTag(), ClientSocketPool::RespectLimits::ENABLED,
callback.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -1203,7 +1204,7 @@ TEST_P(TransportClientSocketPoolSSLConfigChangeTest, GracefulConfigChange) {
ClientSocketPool::GroupId group_id2(
url::SchemeHostPort(url::kHttpScheme, "bar.example.com", 80),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
TestCompletionCallback callback;
int rv =
handle2.Init(group_id2, params_, /*proxy_annotation_tag=*/absl::nullopt,
@@ -1228,7 +1229,7 @@ TEST_P(TransportClientSocketPoolSSLConfigChangeTest, GracefulConfigChange) {
ClientSocketPool::GroupId group_id3(
url::SchemeHostPort(url::kHttpScheme, "foo.example.com", 80),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
TestCompletionCallback callback3;
ClientSocketHandle handle3;
int rv =
@@ -1515,8 +1516,7 @@ TEST_F(TransportClientSocketPoolTest, SOCKS) {
for (IoMode socket_io_mode : {SYNCHRONOUS, ASYNC}) {
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr);
+ /*ssl_config_for_origin=*/nullptr);
SOCKS5MockData data(socket_io_mode);
data.data_provider()->set_connect_data(MockConnect(socket_io_mode, OK));
@@ -1526,7 +1526,8 @@ TEST_F(TransportClientSocketPoolTest, SOCKS) {
int rv = handle.Init(
ClientSocketPool::GroupId(
kDestination, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow),
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED, callback.callback(),
ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource());
@@ -1589,12 +1590,11 @@ TEST_F(TransportClientSocketPoolTest, SpdyOneConnectJobTwoRequestsError) {
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/std::make_unique<SSLConfig>(),
- /*base_ssl_config_for_proxies=*/std::make_unique<SSLConfig>());
+ /*ssl_config_for_origin=*/std::make_unique<SSLConfig>());
ClientSocketPool::GroupId group_id(
kEndpoint, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
// Start the first connection attempt.
TestCompletionCallback callback1;
@@ -1694,12 +1694,11 @@ TEST_F(TransportClientSocketPoolTest, SpdyAuthOneConnectJobTwoRequests) {
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/std::make_unique<SSLConfig>(),
- /*base_ssl_config_for_proxies=*/std::make_unique<SSLConfig>());
+ /*ssl_config_for_origin=*/std::make_unique<SSLConfig>());
ClientSocketPool::GroupId group_id(
kEndpoint, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
// Start the first connection attempt.
TestCompletionCallback callback1;
@@ -1790,13 +1789,13 @@ TEST_F(TransportClientSocketPoolTest, HttpTunnelSetupRedirect) {
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/std::make_unique<SSLConfig>(),
- /*base_ssl_config_for_proxies=*/std::make_unique<SSLConfig>());
+ /*ssl_config_for_origin=*/std::make_unique<SSLConfig>());
int rv = handle.Init(
ClientSocketPool::GroupId(
kEndpoint, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow),
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED, callback.callback(),
ClientSocketPool::ProxyAuthCallback(), &proxy_pool,
@@ -1829,14 +1828,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKey) {
TransportClientSocketPool::GroupId group_id(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle;
TestCompletionCallback callback;
EXPECT_THAT(
handle.Init(group_id,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED, callback.callback(),
ClientSocketPool::ProxyAuthCallback(), pool_.get(),
@@ -1849,7 +1847,7 @@ TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKey) {
session_deps_.host_resolver->request_network_anonymization_key(1));
}
-TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySsl) {
+TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySsl) {
const SchemefulSite kSite(GURL("https://foo.test/"));
const auto kNetworkAnonymizationKey =
NetworkAnonymizationKey::CreateSameSite(kSite);
@@ -1868,7 +1866,7 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySsl) {
TransportClientSocketPool::GroupId group_id(
url::SchemeHostPort(url::kHttpsScheme, kHost, 443),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
auto ssl_config_for_origin = std::make_unique<SSLConfig>();
ssl_config_for_origin->alpn_protos = {kProtoHTTP2, kProtoHTTP11};
ClientSocketHandle handle;
@@ -1876,8 +1874,7 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySsl) {
EXPECT_THAT(
handle.Init(group_id,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr),
+ std::move(ssl_config_for_origin)),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED, callback.callback(),
ClientSocketPool::ProxyAuthCallback(), pool_.get(),
@@ -1892,8 +1889,8 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySsl) {
// Test that, in the case of an HTTP proxy, the same transient
// NetworkAnonymizationKey is reused for resolving the proxy's host, regardless
-// of input NIK.
-TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpProxy) {
+// of input NAK.
+TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeyHttpProxy) {
const SchemefulSite kSite1(GURL("https://foo.test/"));
const auto kNetworkAnonymizationKey1 =
NetworkAnonymizationKey::CreateSameSite(kSite1);
@@ -1921,14 +1918,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpProxy) {
TransportClientSocketPool::GroupId group_id1(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey1,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle1;
TestCompletionCallback callback1;
EXPECT_THAT(
handle1.Init(group_id1,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback1.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -1938,14 +1934,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpProxy) {
TransportClientSocketPool::GroupId group_id2(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey2,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle2;
TestCompletionCallback callback2;
EXPECT_THAT(
handle2.Init(group_id2,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback1.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -1953,10 +1948,12 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpProxy) {
IsError(ERR_IO_PENDING));
ASSERT_EQ(2u, session_deps_.host_resolver->last_id());
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(1));
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(2));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(1));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(2));
EXPECT_TRUE(session_deps_.host_resolver->request_network_anonymization_key(1)
.IsTransient());
EXPECT_EQ(session_deps_.host_resolver->request_network_anonymization_key(1),
@@ -1965,8 +1962,8 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpProxy) {
// Test that, in the case of an HTTPS proxy, the same transient
// NetworkAnonymizationKey is reused for resolving the proxy's host, regardless
-// of input NIK.
-TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpsProxy) {
+// of input NAK.
+TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeyHttpsProxy) {
const SchemefulSite kSite1(GURL("https://foo.test/"));
const auto kNetworkAnonymizationKey1 =
NetworkAnonymizationKey::CreateSameSite(kSite1);
@@ -1994,44 +1991,42 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpsProxy) {
TransportClientSocketPool::GroupId group_id1(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey1,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle1;
TestCompletionCallback callback1;
EXPECT_THAT(
- handle1.Init(
- group_id1,
- base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/std::make_unique<SSLConfig>()),
- TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
- ClientSocketPool::RespectLimits::ENABLED, callback1.callback(),
- ClientSocketPool::ProxyAuthCallback(), &proxy_pool,
- NetLogWithSource()),
+ handle1.Init(group_id1,
+ base::MakeRefCounted<ClientSocketPool::SocketParams>(
+ /*ssl_config_for_origin=*/nullptr),
+ TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
+ ClientSocketPool::RespectLimits::ENABLED,
+ callback1.callback(), ClientSocketPool::ProxyAuthCallback(),
+ &proxy_pool, NetLogWithSource()),
IsError(ERR_IO_PENDING));
TransportClientSocketPool::GroupId group_id2(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey2,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle2;
TestCompletionCallback callback2;
EXPECT_THAT(
- handle2.Init(
- group_id2,
- base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/std::make_unique<SSLConfig>()),
- TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
- ClientSocketPool::RespectLimits::ENABLED, callback2.callback(),
- ClientSocketPool::ProxyAuthCallback(), &proxy_pool,
- NetLogWithSource()),
+ handle2.Init(group_id2,
+ base::MakeRefCounted<ClientSocketPool::SocketParams>(
+ /*ssl_config_for_origin=*/nullptr),
+ TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
+ ClientSocketPool::RespectLimits::ENABLED,
+ callback2.callback(), ClientSocketPool::ProxyAuthCallback(),
+ &proxy_pool, NetLogWithSource()),
IsError(ERR_IO_PENDING));
ASSERT_EQ(2u, session_deps_.host_resolver->last_id());
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(1));
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(2));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(1));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(2));
EXPECT_TRUE(session_deps_.host_resolver->request_network_anonymization_key(1)
.IsTransient());
EXPECT_EQ(session_deps_.host_resolver->request_network_anonymization_key(1),
@@ -2041,8 +2036,8 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeyHttpsProxy) {
// Test that, in the case of a SOCKS5 proxy, the passed in
// NetworkAnonymizationKey is used for the destination DNS lookup, and the same
// transient NetworkAnonymizationKey is reused for resolving the proxy's host,
-// regardless of input NIK.
-TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks4Proxy) {
+// regardless of input NAK.
+TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySocks4Proxy) {
const SchemefulSite kSite1(GURL("https://foo.test/"));
const auto kNetworkAnonymizationKey1 =
NetworkAnonymizationKey::CreateSameSite(kSite1);
@@ -2079,14 +2074,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks4Proxy) {
TransportClientSocketPool::GroupId group_id1(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey1,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle1;
TestCompletionCallback callback1;
EXPECT_THAT(
handle1.Init(group_id1,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback1.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -2096,14 +2090,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks4Proxy) {
TransportClientSocketPool::GroupId group_id2(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey2,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle2;
TestCompletionCallback callback2;
EXPECT_THAT(
handle2.Init(group_id2,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback2.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -2111,19 +2104,21 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks4Proxy) {
IsError(ERR_IO_PENDING));
// First two lookups are for the proxy's hostname, and should use the same
- // transient NIK.
+ // transient NAK.
ASSERT_EQ(2u, session_deps_.host_resolver->last_id());
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(1));
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(2));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(1));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(2));
EXPECT_TRUE(session_deps_.host_resolver->request_network_anonymization_key(1)
.IsTransient());
EXPECT_EQ(session_deps_.host_resolver->request_network_anonymization_key(1),
session_deps_.host_resolver->request_network_anonymization_key(2));
// First two lookups completes, starting the next two, which should be for the
- // destination's hostname, and should use the passed in NIKs.
+ // destination's hostname, and should use the passed in NAKs.
session_deps_.host_resolver->ResolveNow(1);
session_deps_.host_resolver->ResolveNow(2);
ASSERT_EQ(4u, session_deps_.host_resolver->last_id());
@@ -2137,8 +2132,8 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks4Proxy) {
// Test that, in the case of a SOCKS5 proxy, the same transient
// NetworkAnonymizationKey is reused for resolving the proxy's host, regardless
-// of input NIK.
-TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks5Proxy) {
+// of input NAK.
+TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySocks5Proxy) {
const SchemefulSite kSite1(GURL("https://foo.test/"));
const auto kNetworkAnonymizationKey1 =
NetworkAnonymizationKey::CreateSameSite(kSite1);
@@ -2166,14 +2161,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks5Proxy) {
TransportClientSocketPool::GroupId group_id1(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey1,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle1;
TestCompletionCallback callback1;
EXPECT_THAT(
handle1.Init(group_id1,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback1.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -2183,14 +2177,13 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks5Proxy) {
TransportClientSocketPool::GroupId group_id2(
url::SchemeHostPort(url::kHttpScheme, kHost, 80),
PrivacyMode::PRIVACY_MODE_DISABLED, kNetworkAnonymizationKey2,
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketHandle handle2;
TestCompletionCallback callback2;
EXPECT_THAT(
handle2.Init(group_id2,
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr),
+ /*ssl_config_for_origin=*/nullptr),
TRAFFIC_ANNOTATION_FOR_TESTS, LOW, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED,
callback2.callback(), ClientSocketPool::ProxyAuthCallback(),
@@ -2198,10 +2191,12 @@ TEST_F(TransportClientSocketPoolTest, NetworkIsolationKeySocks5Proxy) {
IsError(ERR_IO_PENDING));
ASSERT_EQ(2u, session_deps_.host_resolver->last_id());
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(1));
- EXPECT_EQ(kProxyChain.proxy_server().host_port_pair().host(),
- session_deps_.host_resolver->request_host(2));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(1));
+ EXPECT_EQ(
+ kProxyChain.GetProxyServer(/*server_index=*/0).host_port_pair().host(),
+ session_deps_.host_resolver->request_host(2));
EXPECT_TRUE(session_deps_.host_resolver->request_network_anonymization_key(1)
.IsTransient());
EXPECT_EQ(session_deps_.host_resolver->request_network_anonymization_key(1),
@@ -2215,10 +2210,10 @@ TEST_F(TransportClientSocketPoolTest, HasActiveSocket) {
ClientSocketHandle handle;
ClientSocketPool::GroupId group_id1(
kEndpoint1, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
ClientSocketPool::GroupId group_id2(
kEndpoint2, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
// HasActiveSocket() must return false before creating a socket.
EXPECT_FALSE(pool_->HasActiveSocket(group_id1));
@@ -2300,7 +2295,7 @@ TEST_F(TransportClientSocketPoolTest, Tag) {
const ClientSocketPool::GroupId kGroupId(
url::SchemeHostPort(test_server.base_url()),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
scoped_refptr<ClientSocketPool::SocketParams> params =
ClientSocketPool::SocketParams::CreateForHttpForTesting();
TestCompletionCallback callback;
@@ -2426,11 +2421,11 @@ TEST_F(TransportClientSocketPoolTest, TagSOCKSProxy) {
const url::SchemeHostPort kDestination(url::kHttpScheme, "host", 80);
const ClientSocketPool::GroupId kGroupId(
kDestination, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow);
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false);
scoped_refptr<ClientSocketPool::SocketParams> socks_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr);
+ /*ssl_config_for_origin=*/nullptr);
// Test socket is tagged when created synchronously.
SOCKS5MockData data_sync(SYNCHRONOUS);
@@ -2520,14 +2515,13 @@ TEST_F(TransportClientSocketPoolTest, TagSSLDirect) {
const ClientSocketPool::GroupId kGroupId(
url::SchemeHostPort(test_server.base_url()),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
auto ssl_config_for_origin = std::make_unique<SSLConfig>();
ssl_config_for_origin->alpn_protos = {kProtoHTTP2, kProtoHTTP11};
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr);
+ std::move(ssl_config_for_origin));
// Test socket is tagged before connected.
uint64_t old_traffic = GetTaggedBytes(tag_val1);
@@ -2593,13 +2587,12 @@ TEST_F(TransportClientSocketPoolTest, TagSSLDirectTwoSockets) {
const ClientSocketPool::GroupId kGroupId(
url::SchemeHostPort(test_server.base_url()),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
auto ssl_config_for_origin = std::make_unique<SSLConfig>();
ssl_config_for_origin->alpn_protos = {kProtoHTTP2, kProtoHTTP11};
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr);
+ std::move(ssl_config_for_origin));
// Test connect jobs that are orphaned and then adopted, appropriately apply
// new tag. Request socket with |tag1|.
@@ -2659,13 +2652,12 @@ TEST_F(TransportClientSocketPoolTest, TagSSLDirectTwoSocketsFullPool) {
const ClientSocketPool::GroupId kGroupId(
url::SchemeHostPort(test_server.base_url()),
PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
- SecureDnsPolicy::kAllow);
+ SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
auto ssl_config_for_origin = std::make_unique<SSLConfig>();
ssl_config_for_origin->alpn_protos = {kProtoHTTP2, kProtoHTTP11};
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr);
+ std::move(ssl_config_for_origin));
// Test that sockets paused by a full underlying socket pool are properly
// connected and tagged when underlying pool is freed up.
@@ -2741,11 +2733,11 @@ TEST_F(TransportClientSocketPoolTest, TagHttpProxyNoTunnel) {
80);
const ClientSocketPool::GroupId kGroupId(
kDestination, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow);
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false);
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr);
+ /*ssl_config_for_origin=*/nullptr);
// Verify requested socket is tagged properly.
ClientSocketHandle handle;
@@ -2814,14 +2806,14 @@ TEST_F(TransportClientSocketPoolTest, TagHttpProxyTunnel) {
443);
const ClientSocketPool::GroupId kGroupId(
kDestination, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow);
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false);
auto ssl_config_for_origin = std::make_unique<SSLConfig>();
ssl_config_for_origin->alpn_protos = {kProtoHTTP2, kProtoHTTP11};
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- std::move(ssl_config_for_origin),
- /*base_ssl_config_for_proxies=*/nullptr);
+ std::move(ssl_config_for_origin));
// Verify requested socket is tagged properly.
ClientSocketHandle handle;
@@ -2932,15 +2924,15 @@ TEST_F(TransportClientSocketPoolMockNowSourceTest, IdleUnusedSocketTimeout) {
// Create 1 socket.
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr);
+ /*ssl_config_for_origin=*/nullptr);
session_deps.socket_factory->AddSocketDataProvider(&provider_socket_1);
ClientSocketHandle connection;
TestCompletionCallback callback;
int rv = connection.Init(
ClientSocketPool::GroupId(
kSchemeHostPort1, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow),
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
ClientSocketPool::SocketParams::CreateForHttpForTesting(),
/*proxy_annotation_tag=*/absl::nullopt, MEDIUM, SocketTag(),
ClientSocketPool::RespectLimits::ENABLED, callback.callback(),
@@ -2977,8 +2969,7 @@ TEST_F(TransportClientSocketPoolMockNowSourceTest, IdleUnusedSocketTimeout) {
// Request a new socket to trigger cleanup of idle timedout sockets.
scoped_refptr<ClientSocketPool::SocketParams> socket_params =
base::MakeRefCounted<ClientSocketPool::SocketParams>(
- /*ssl_config_for_origin=*/nullptr,
- /*base_ssl_config_for_proxies=*/nullptr);
+ /*ssl_config_for_origin=*/nullptr);
SequencedSocketData provider_socket_2(MockConnect(ASYNC, OK),
base::span<MockRead>(),
base::span<MockWrite>());
@@ -2988,7 +2979,8 @@ TEST_F(TransportClientSocketPoolMockNowSourceTest, IdleUnusedSocketTimeout) {
int rv = connection.Init(
ClientSocketPool::GroupId(
kSchemeHostPort2, PrivacyMode::PRIVACY_MODE_DISABLED,
- NetworkAnonymizationKey(), SecureDnsPolicy::kAllow),
+ NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
+ /*disable_cert_network_fetches=*/false),
socket_params, /*proxy_annotation_tag=*/absl::nullopt, MEDIUM,
SocketTag(), ClientSocketPool::RespectLimits::ENABLED,
callback.callback(), ClientSocketPool::ProxyAuthCallback(),
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 10:11:34 +0000